Uploaded image for project: 'CDAP'
  1. CDAP
  2. CDAP-11839

Read on an entity should not depend on its parent privilege

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.2.0
    • Fix Version/s: 4.3.0
    • Component/s: Security
    • Labels:
    • Release Notes:
      Modified the authorization model so that read/write on an entity will not depend on its parent.
    • Rank:
      1|i003f3:

      Description

      Now, even if we have READ privileges on a stream/dataset, we will need some privilege(can be any of READ, WRITE, ADMIN or EXECUTE) on its parent to be able to successfully read from the entity. We should not expect privileges on parent since privileges of parent will get inherited to all child entities, which is not we want in some cases.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                yaojie Yaojie Feng
                Reporter:
                yaojie Yaojie Feng
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: